DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
This application repeats a substantial portion of prior Application No. 15/857,797, filed 12/29/17, and adds disclosure not presented in the prior application. Because this application names the inventor or at least one joint inventor named in the prior application, it may constitute a continuation-in-part of the prior application. Should applicant desire to claim the benefit of the filing date of the prior application, attention is directed to 35 U.S.C. 120, 37 CFR 1.78, and MPEP § 211 et seq.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 4,11 are  rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being incomplete for omitting essential structural cooperative relationships of elements, such omission amounting to a gap between the necessary structural connections.  See MPEP § 2172.01.  The omitted structural cooperative relationships are: Claims recites as “where the content identifier further comprises a file name, comprised of the content identifier, owner identifier, file name, content type, and the transformed file was created”. It should be the transformed data NOT the transformed file(pls see claim 1, 8). Again, the claim should be as ““where the content identifier further comprises a file name, wherein file name comprised of owner identifier, content type, and date/time stamp the transformed data was created”. Appropriate correction required.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-2, 7-9, 14 are rejected under 35 U.S.C. 103 as being unpatentable over Gauda(US 20130305039 A1 ) in view of Rohel et al(US 20180351923 A1) .


With regards to claim 1, 8 Gauda discloses, A system for secure data storage and retrieval, comprising: 
a data processor having network connections to a secure web content gateway server (FIG 2 201A and associated text; ); 
said data processor transmitting user identified content to said secure web content gateway server (FIG 15 1500 and associated text; [0085]; The method then generates 
said secure web content gateway server transforming user identified content and a set of supplemental information including one or more validation rules into a transformed data set (FIG 15 1510, 1520 and associated text; ); 
said data processor transmitting a user request for retrieval of user identified content to the secure web content gateway server (FIG 13 1300 and associated text; ); 
said secure web content gateway server retrieving an encrypted transformed data set upon validation that said encrypted transformed data set contains at least said user identified content (FIG 13 1315 and associated text; ); 
transmitting said encrypted user identified content to the data processor and reported to the user (FIG 12 [0093] Along with information identifying the files for display to the user, such as the path at which each file should be displayed, the corresponding file manifest ID and file manifest encryption key is stored so that the CFS client module can retrieve the encrypted file manifest corresponding to that file from the cloud storage system and decrypt the encrypted file manifest.).

Gauda does not exclusively but Rohel teaches, 
said secure web content gateway server encrypting said transformed data set and transmitting the encrypted transformed data set to a secure data storage system for storage in an electronic data file ([0124] The technique 600 includes receiving a 
said secure web content gateway server decrypting and transforming said encrypted transformed data set to produce said user identified content (Rohel [0070]; The encrypted data can be decrypted by the gateway device 322 before being used by a device within the customer environment 302.); 
said secure web content gateway server generating a security key, encrypting said user identified content with the generated security key (Rohel [0118] For example, the command received from the server device may include data encrypted by the server device using the public key associated with the gateway device. Checking whether the command comprises data that was encrypted using the key associated with the gateway device may include decrypting, by the gateway device, the data using the private key associated with the gateway device. For example, determining that the command comprises the data that was encrypted using the key associated with the gateway device may include successfully decrypting the data using the private key.  [0117] In some implementations, the private and public key pair can be generated by the gateway device or another device in the customer environment 302. In some implementations, the private and public key pair can be generated by a separate mechanism, such as a key generator 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Gauda’s system with teaching of Rohel in order to secure data transfer(Rohel [0001]).
	 

With regards to claim 2, 9 Gauda further discloses, where the transforming user identified content comprises changing the original format of structured and/or unstructured data into a single file representation of the original data regardless of its original structure and content (FIG 4 and associated text;).

With regards to claim 7, 14 Gauda in view of Rohel further discloses, where the retrieved and decrypted transformed data set is returned to the original format and data structure ([0070]; The encrypted data can be decrypted by the gateway device 322 before being used by a device within the customer environment 302). Motivation would be same as stated in claim 1, 8.






Claims 3-5, 10-12 are rejected under 35 U.S.C. 103 as being unpatentable over Gauda(US 20130305039 A1 ) in view of in view of Rohel et al(US 20180351923 A1) and Hugot et al(US 20190268341 A1).

With regards to claim 3, 10 Gauda in view of Rohel do not but Hugot teaches, where the supplemental information comprises at least an encryption key, content type identifier, content identifier, data owner identifier, and the validation rules which must be satisfied for the content to be retrieved (Hugot [0058] A metadata attribute(s), as data description information, may include one or several elements of a group comprising: [0059] a ( data) client identity(ies), such as a name(s) and/or an email address(es), an Internet Protocol (or IP) address(es), an IDentifier(s) (or ID) relating to a software component(s); [0060] a ( data) creator identity(ies), such as a name(s) and/or an email address(es); [0061] a ( data) owner identity(ies),…. [0064] a ( data) type(s), such as text, image, binary, media, key or certificate; [0065] an AP: such as a policy that defines one or several data operations that are authorized preferably for a previously successfully authenticated client and that may depend on one or several context signals, such as a location(s), a network(s), an identity(ies), a data type(s) and/or an authentication process(es) used for authorizing the client..) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Gauda in view of Rohel’s system with teaching of Hugot in order to select and identify user specific content.

where the content identifier further comprises a file name([0058] A metadata attribute(s), as data description information, may include one or several elements of a group comprising: [0059] a ( data) client identity(ies), such as a name(s)), comprised of the content identifier, owner identifier ([0061] ), file name ([0058]), content type ([0064] a ( data) type(s), such as text, image, binary, media, key or certificate;), and date/time stamp the transformed file was created ([0130-135]). Motivation would be same as stated in claim 3.2

With regards to claim 5, 12 Gauda in view of Rohel and Hugot further teaches, where the one or more validation rules contain a plurality of information including unique identifiers, date/time requirements, source IP address, geographic location, operating system fingerprint, and other similar identifying characteristics, one or more of which may be "negated" rules where lack of a characteristic being present fulfills the rule ([0130] As context signal(s) data, it may notably include: [0131] a type of the requested data, such as PII, a data classification level, a data ownership, a data access delegation or one or several data operations that the data (and/or associated metadata) should undergo; [0132] a user identity(ies), such as a user ID, a group ID, a citizenship ID and/or a job title ID; [0133] a user environment data item(s): such as one or more user owned Bluetooth type devices in the vicinity of the PC 12; [0134] a device identity(ies), like e.g. a (known, unknown or trusted) device ID, a genuine device (i.e. not rooted), [0135] a device environment data item(s): such as a device configuration ID(s), such as an OS version and/or an application version; [0136] a context, as the context that is valid at the time the data is requested to be accessed, such as data relating to the .

Claims 6, 13 are rejected under 35 U.S.C. 103 as being unpatentable over Gauda(US 20130305039 A1 ) in view of in view of Rohel et al(US 20180351923 A1) and Craggs(US 20210173900 A1).

With regards to claim 6, 13 Gauda in view of Rohel do not but Craggs teaches, where the security key comprises a one-time use security key generated just prior to use (Craggs [0018]In an implementation, a server may send encrypted payloads of premium content to secondary devices that may only be decrypted using the OTPs as a secret key.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Gauda in view of Rohel’s system with teaching of Craggs in order to secure the content.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987.  The examiner can normally be reached on 8.30 to 430 PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 1-571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498